$ rpki-client -vvf repo-rpki.idnic.net/repo/4f377711-1e3d-4e5a-a4ac-05a1c502ad28/0/A0A2A5CA8C20A7CF6DA1325C9BD5C3376F3FE0B3.mft File: A0A2A5CA8C20A7CF6DA1325C9BD5C3376F3FE0B3.mft (raw, json) Hash identifier: czD5EYTnrMDv1/kukmvct0BylL0wLvlqrvJP/3M5g2s= Subject key identifier: A3:11:B1:B0:67:FF:A7:47:DF:81:1D:BF:82:F9:20:BB:0D:9A:93:85 Authority key identifier: A0:A2:A5:CA:8C:20:A7:CF:6D:A1:32:5C:9B:D5:C3:37:6F:3F:E0:B3 Certificate issuer: /CN=A0A2A5CA8C20A7CF6DA1325C9BD5C3376F3FE0B3 Certificate serial: 18DFEE5E374C40ECE41AB26E5C82D3DEB4A09D17 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/A0A2A5CA8C20A7CF6DA1325C9BD5C3376F3FE0B3.cer Subject info access: rsync://repo-rpki.idnic.net/repo/4f377711-1e3d-4e5a-a4ac-05a1c502ad28/0/A0A2A5CA8C20A7CF6DA1325C9BD5C3376F3FE0B3.mft Manifest number: 033E Signing time: Wed 25 Mar 2026 22:40:59 +0000 Manifest this update: Wed 25 Mar 2026 22:35:59 +0000 Manifest next update: Sun 29 Mar 2026 00:12:59 +0000 Files and hashes: 1: 3130332e3135372e35352e302f32342d3234203d3e20333936393832.roa (hash: ta8cyJGAuX8M5px06fD7ixeqP65bXdztJIzRgtjjUTw=) 2: 3130332e38342e3131362e302f32342d3234203d3e20313336303730.roa (hash: uFvJDDnE+LzWscDNPWULjpdUKOX2mvB/YxTyjJbL490=) 3: 323030313a6466303a313730303a3a2f34382d3438203d3e20313336303730.roa (hash: DZhIHh+Q1/lFglHPCtQYtJARiOU+Khz/cuUC8LvdiAk=) 4: A0A2A5CA8C20A7CF6DA1325C9BD5C3376F3FE0B3.crl (hash: tE7zfGIo1jYQWTnLEFTUR0caoH2hLJcMca4qjjhDo78=) 5: 3130332e3135372e35352e302f32342d3234203d3e20313336303730.roa (hash: SaglbTs2Sm97iqGUTpHLhK4uFUxx2JxCBReDItgEQOA=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/4f377711-1e3d-4e5a-a4ac-05a1c502ad28/0/A0A2A5CA8C20A7CF6DA1325C9BD5C3376F3FE0B3.crl rsync://repo-rpki.idnic.net/repo/4f377711-1e3d-4e5a-a4ac-05a1c502ad28/0/A0A2A5CA8C20A7CF6DA1325C9BD5C3376F3FE0B3.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/A0A2A5CA8C20A7CF6DA1325C9BD5C3376F3FE0B3.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 29 Mar 2026 00:12:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 18:df:ee:5e:37:4c:40:ec:e4:1a:b2:6e:5c:82:d3:de:b4:a0:9d:17 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A0A2A5CA8C20A7CF6DA1325C9BD5C3376F3FE0B3 Validity Not Before: Mar 25 22:35:59 2026 GMT Not After : Mar 29 00:12:59 2026 GMT Subject: CN=A311B1B067FFA747DF811DBF82F920BB0D9A9385 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:4e:cd:51:52:6c:9d:4a:cb:93:28:84:f3:13: 20:0a:76:3b:5e:3d:bf:d9:60:98:a0:c5:3c:29:c0: a0:03:0a:7a:0a:16:e9:ff:f5:6b:ff:da:dc:75:96: 22:d3:70:b1:8f:d9:5c:c0:40:f3:d5:db:aa:6c:7c: 91:89:06:1c:a4:ec:0e:a4:68:15:75:f2:19:1b:56: aa:e1:5e:c3:70:77:a3:97:9d:32:d2:df:b8:a6:37: 89:0d:86:34:93:92:7c:e3:a5:27:0c:0a:e3:37:6d: f3:08:1e:50:5c:e2:fc:1a:a7:21:43:0c:f0:80:88: 3c:32:06:71:b2:f3:8e:49:08:a2:b0:55:62:d3:d5: cd:08:1f:18:87:39:09:bd:3f:c7:39:4f:4c:7e:99: 32:1d:cc:6e:bc:ff:00:86:63:b6:45:02:b8:66:80: 11:77:30:03:c4:8f:19:4e:46:47:2a:42:8b:4b:5d: 70:0b:c4:ef:b0:e5:dd:ba:2b:53:b9:aa:e5:ed:38: 63:52:34:23:28:d7:69:9d:72:9f:c2:dc:a4:3e:2b: 59:b3:72:ee:04:56:30:80:01:1f:9e:58:d2:ab:25: 75:d8:c8:0f:00:a5:9f:f4:c2:bc:32:84:44:4e:4d: fa:cd:72:5d:a3:47:f8:74:46:6e:d2:15:ba:c9:28: c8:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A3:11:B1:B0:67:FF:A7:47:DF:81:1D:BF:82:F9:20:BB:0D:9A:93:85 X509v3 Authority Key Identifier: keyid:A0:A2:A5:CA:8C:20:A7:CF:6D:A1:32:5C:9B:D5:C3:37:6F:3F:E0:B3 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/4f377711-1e3d-4e5a-a4ac-05a1c502ad28/0/A0A2A5CA8C20A7CF6DA1325C9BD5C3376F3FE0B3.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/A0A2A5CA8C20A7CF6DA1325C9BD5C3376F3FE0B3.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/4f377711-1e3d-4e5a-a4ac-05a1c502ad28/0/A0A2A5CA8C20A7CF6DA1325C9BD5C3376F3FE0B3.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 9c:97:84:fc:b7:14:58:5d:76:e7:5e:05:41:94:74:0c:ff:a1: e8:8d:c1:57:2b:b5:75:ca:f0:a6:ee:0a:62:4f:ea:36:ca:2b: e6:b1:05:29:a0:a1:1b:80:d1:cd:cb:fa:5f:18:4a:21:0b:a4: 96:f2:5d:e6:11:cb:14:41:1d:bf:8d:e3:2d:59:64:4a:f9:7c: 59:f1:61:78:ea:1a:6c:e4:cf:1f:1b:42:ea:fd:97:99:1e:06: d4:41:a9:7a:00:6a:d3:2b:11:e0:68:c6:f3:81:b3:ac:b7:e2: a6:4d:64:46:19:06:ae:4a:b3:e8:8e:91:77:e1:e7:0b:18:46: b2:17:b8:d3:ea:59:4d:9c:f5:72:71:a9:b1:a7:f9:e9:e6:b3: 45:5f:18:32:7e:b5:e7:78:68:99:6f:02:3f:6a:29:0c:a9:65: e9:8c:7b:c8:8b:c5:54:3c:f1:94:8a:1c:92:73:5e:8b:a1:e5: 78:c0:79:30:53:dd:b6:d2:27:4a:86:7f:6b:c8:d5:8e:03:0a: 32:61:9b:86:d3:22:41:c8:bb:84:9e:5b:ba:7e:bd:f4:87:23: a8:7c:c5:8c:87:2a:e8:c0:95:f2:fa:4a:9b:2b:42:fd:b5:04: cd:de:bf:d8:be:ed:c6:d8:66:06:12:85:45:4a:fe:46:11:a5: 33:7a:9f:4c -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUGN/uXjdMQOzkGrJuXILT3rSgnRcwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQTBBMkE1Q0E4QzIwQTdDRjZEQTEzMjVDOUJENUMzMzc2 RjNGRTBCMzAeFw0yNjAzMjUyMjM1NTlaFw0yNjAzMjkwMDEyNTlaMDMxMTAvBgNV BAMTKEEzMTFCMUIwNjdGRkE3NDdERjgxMURCRjgyRjkyMEJCMEQ5QTkzODUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCyTs1RUmydSsuTKITzEyAKdjte Pb/ZYJigxTwpwKADCnoKFun/9Wv/2tx1liLTcLGP2VzAQPPV26psfJGJBhyk7A6k aBV18hkbVqrhXsNwd6OXnTLS37imN4kNhjSTknzjpScMCuM3bfMIHlBc4vwapyFD DPCAiDwyBnGy845JCKKwVWLT1c0IHxiHOQm9P8c5T0x+mTIdzG68/wCGY7ZFArhm gBF3MAPEjxlORkcqQotLXXALxO+w5d26K1O5quXtOGNSNCMo12mdcp/C3KQ+K1mz cu4EVjCAAR+eWNKrJXXYyA8ApZ/0wrwyhEROTfrNcl2jR/h0Rm7SFbrJKMidAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUoxGxsGf/p0ffgR2/gvkguw2ak4UwHwYDVR0j BBgwFoAUoKKlyowgp89toTJcm9XDN28/4LMwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby80 ZjM3NzcxMS0xZTNkLTRlNWEtYTRhYy0wNWExYzUwMmFkMjgvMC9BMEEyQTVDQThD MjBBN0NGNkRBMTMyNUM5QkQ1QzMzNzZGM0ZFMEIzLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvQTBBMkE1Q0E4QzIwQTdDRjZEQTEzMjVDOUJENUMzMzc2RjNG RTBCMy5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vNGYzNzc3MTEtMWUzZC00ZTVhLWE0 YWMtMDVhMWM1MDJhZDI4LzAvQTBBMkE1Q0E4QzIwQTdDRjZEQTEzMjVDOUJENUMz Mzc2RjNGRTBCMy5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAJyXhPy3FFhddudeBUGUdAz/oeiNwVcrtXXK 8KbuCmJP6jbKK+axBSmgoRuA0c3L+l8YSiELpJbyXeYRyxRBHb+N4y1ZZEr5fFnx YXjqGmzkzx8bQur9l5keBtRBqXoAatMrEeBoxvOBs6y34qZNZEYZBq5Ks+iOkXfh 5wsYRrIXuNPqWU2c9XJxqbGn+enms0VfGDJ+ted4aJlvAj9qKQypZemMe8iLxVQ8 8ZSKHJJzXouh5XjAeTBT3bbSJ0qGf2vI1Y4DCjJhm4bTIkHIu4SeW7p+vfSHI6h8 xYyHKujAlfL6SpsrQv21BM3ev9i+7cbYZgYShUVK/kYRpTN6n0w= -----END CERTIFICATE-----Generated at Thu Mar 26 18:31:16 2026 by rpki-client